From 1aecd18e5cc9d8b9dfd4063e749ce61eb0077e2a Mon Sep 17 00:00:00 2001
From: Ruben Rodriguez <ruben@gnu.org>
Date: Mon, 21 Nov 2016 14:41:08 -0500
Subject: https-everywhere updated to 5.2.7

---
 .../https-everywhere-eff@eff.org/chrome/content/code/HTTPS.js         | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'data/extensions/https-everywhere-eff@eff.org/chrome/content/code/HTTPS.js')

diff --git a/data/extensions/https-everywhere-eff@eff.org/chrome/content/code/HTTPS.js b/data/extensions/https-everywhere-eff@eff.org/chrome/content/code/HTTPS.js
index c5834dd..1ba27b4 100644
--- a/data/extensions/https-everywhere-eff@eff.org/chrome/content/code/HTTPS.js
+++ b/data/extensions/https-everywhere-eff@eff.org/chrome/content/code/HTTPS.js
@@ -43,8 +43,8 @@ const HTTPS = {
     var isSTS = securityService.isSecureURI(
         CI.nsISiteSecurityService.HEADER_HSTS, channel.URI, 0);
     if (blob === null) {
-      // Abort insecure requests if HTTP Nowhere is on
-      if (httpNowhereEnabled && channel.URI.schemeIs("http") && !isSTS) {
+      // Abort insecure non-onion requests if HTTP Nowhere is on
+      if (httpNowhereEnabled && channel.URI.schemeIs("http") && !isSTS && !/\.onion$/.test(channel.URI.host)) {
         IOUtil.abort(channel);
       }
       return false; // no rewrite
-- 
cgit v1.2.3